CVE-2020-8910

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Google Closure Library versions up to and including v20200224

Description A URL parsing issue in goog.uri of the Google Closure Library allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority.

Recommendations For Google Closure Library versions up to and including v20200224, update your library to version v20200315.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-625CWE-20

Related Identifiers

CVE-2020-8910

GHSA-VH5W-FG69-RC8M

Affected Products

Google Closure Library

CVE-2020-8910

Weakness Enumeration

Related Identifiers

Affected Products

References · 12